General
-
Target
36db6411901b032d1c0ee031919e2eb7b5ceede4a30da9a4d97f5ec5720042e1_NeikiAnalytics.exe
-
Size
7.8MB
-
Sample
240701-fh5ztawhqa
-
MD5
e2f80e8f3e86ff78d09e067e17ee3490
-
SHA1
63d763a8d77cd0289bb57ae33088bf47537cab85
-
SHA256
36db6411901b032d1c0ee031919e2eb7b5ceede4a30da9a4d97f5ec5720042e1
-
SHA512
64688b4ec1918aa43a24b88631aacdb956208f246804a3b1eb97f6b746d5b27d99c05813d0d695d73badbdf0c6f5dc4ea731ec840ebf74a9f0cdc8e0cde3eeb9
-
SSDEEP
196608:j9jwtAaVkD+HNgkF6DGBIBmJx9KSGONOA:Bj/WNv6DGBx9KSj
Behavioral task
behavioral1
Sample
36db6411901b032d1c0ee031919e2eb7b5ceede4a30da9a4d97f5ec5720042e1_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
36db6411901b032d1c0ee031919e2eb7b5ceede4a30da9a4d97f5ec5720042e1_NeikiAnalytics.exe
-
Size
7.8MB
-
MD5
e2f80e8f3e86ff78d09e067e17ee3490
-
SHA1
63d763a8d77cd0289bb57ae33088bf47537cab85
-
SHA256
36db6411901b032d1c0ee031919e2eb7b5ceede4a30da9a4d97f5ec5720042e1
-
SHA512
64688b4ec1918aa43a24b88631aacdb956208f246804a3b1eb97f6b746d5b27d99c05813d0d695d73badbdf0c6f5dc4ea731ec840ebf74a9f0cdc8e0cde3eeb9
-
SSDEEP
196608:j9jwtAaVkD+HNgkF6DGBIBmJx9KSGONOA:Bj/WNv6DGBx9KSj
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-